From 510704875d339b68e846bff062c71e2e6ea66f39 Mon Sep 17 00:00:00 2001 From: joerivrij Date: Mon, 26 Jun 2023 11:09:36 +0200 Subject: [PATCH] Adds a working example for flux (#8) Removes jobs for an initcontainer --- flux/README.md | 11 +++++ flux/oci.yaml | 45 +++++++++++++++++++ flux/secret.sh | 40 +++++++++++++++++ .../charts/ac/templates/deployment.yaml | 32 +++++++++++++ .../charts/ac/templates/seeder/job.yaml | 32 ------------- helm/ri-zgw/charts/ac/values.yaml | 1 + .../charts/brc/templates/deployment.yaml | 36 +++++++++++++++ .../charts/brc/templates/seeder/job.yaml | 32 ------------- helm/ri-zgw/charts/brc/values.yaml | 1 + .../charts/drc/templates/deployment.yaml | 36 ++++++++++++++- .../charts/drc/templates/seeder/job.yaml | 32 ------------- helm/ri-zgw/charts/drc/values.yaml | 1 + .../charts/nrc/templates/deployment.yaml | 32 +++++++++++++ .../charts/nrc/templates/seeder/job.yaml | 32 ------------- helm/ri-zgw/charts/nrc/values.yaml | 1 + helm/ri-zgw/charts/vrl/values.yaml | 1 - .../charts/zrc/templates/deployment.yaml | 36 ++++++++++++++- .../charts/zrc/templates/seeder/job.yaml | 32 ------------- helm/ri-zgw/charts/zrc/values.yaml | 1 + .../charts/ztc/templates/deployment.yaml | 34 +++++++++++++- .../charts/ztc/templates/seeder/job.yaml | 32 ------------- helm/ri-zgw/charts/ztc/values.yaml | 1 + helm/ri-zgw/values.yaml | 22 ++++----- k8s/postgres.yaml | 37 +++++++++++++++ parser/env.yaml | 2 - parser/parser.py | 10 ++++- 26 files changed, 362 insertions(+), 210 deletions(-) create mode 100644 flux/README.md create mode 100644 flux/oci.yaml create mode 100755 flux/secret.sh delete mode 100644 helm/ri-zgw/charts/ac/templates/seeder/job.yaml delete mode 100644 helm/ri-zgw/charts/brc/templates/seeder/job.yaml delete mode 100644 helm/ri-zgw/charts/drc/templates/seeder/job.yaml delete mode 100644 helm/ri-zgw/charts/nrc/templates/seeder/job.yaml delete mode 100644 helm/ri-zgw/charts/zrc/templates/seeder/job.yaml delete mode 100644 helm/ri-zgw/charts/ztc/templates/seeder/job.yaml create mode 100644 k8s/postgres.yaml diff --git a/flux/README.md b/flux/README.md new file mode 100644 index 0000000..102f5b4 --- /dev/null +++ b/flux/README.md @@ -0,0 +1,11 @@ +# Flux + + +## Introductie + +Flux is een gitops tool om automatisch de inhoud van een git repository te deployen op kubernetes. + + +## Werking + +Flux heeft een repo nodig als bron. In ons geval is dat een `OCI` Helm repository \ No newline at end of file diff --git a/flux/oci.yaml b/flux/oci.yaml new file mode 100644 index 0000000..c2f623d --- /dev/null +++ b/flux/oci.yaml @@ -0,0 +1,45 @@ +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: HelmRepository +metadata: + name: oci-repo + namespace: zgw +spec: + interval: 5m + type: oci + url: oci://ghcr.io/vng-realisatie + secretRef: + name: ghcr-auth +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: zgw + namespace: zgw-test +spec: + interval: 5m + targetNamespace: zgw-test + releaseName: zgw-test + chart: + spec: + chart: ri-zgw-test + sourceRef: + kind: HelmRepository + name: oci-repo + namespace: zgw +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: zgw + namespace: zgw +spec: + interval: 5m + targetNamespace: zgw + releaseName: zgw + chart: + spec: + chart: ri-zgw + sourceRef: + kind: HelmRepository + name: oci-repo + namespace: zgw diff --git a/flux/secret.sh b/flux/secret.sh new file mode 100755 index 0000000..7c5812f --- /dev/null +++ b/flux/secret.sh @@ -0,0 +1,40 @@ +#!/bin/bash + +SECRET_NAME="ghcr-auth" +NAMESPACE="zgw" + +delete_secret() { + local secret_name=$1 + local namespace=$2 + + existing_secret=$(kubectl get secret $secret_name -n $namespace --no-headers=true --ignore-not-found=true) + + if [[ -n $existing_secret ]]; then + echo "Deleting secret $secret_name in ns $namespace." + kubectl delete secret $secret_name -n $namespace + else + echo "Secret $secret_name does not exist in ns $namespace. Nothing to do." + fi +} + +create_secret() { + local secret_name=$1 + local namespace=$2 + local github_pat=$3 + + flux create secret oci $secret_name \ + --namespace=$namespace \ + --url=ghcr.io \ + --username=flux \ + --password=$github_pat +} + +# Check if GITHUB_PAT is provided as an argument, otherwise fetch it from the environment +if [[ -n $1 ]]; then + GITHUB_PAT=$1 +else + GITHUB_PAT=$GITHUB_PAT_ENV +fi + +delete_secret $SECRET_NAME $NAMESPACE +create_secret $SECRET_NAME $NAMESPACE $GITHUB_PAT diff --git a/helm/ri-zgw/charts/ac/templates/deployment.yaml b/helm/ri-zgw/charts/ac/templates/deployment.yaml index 9ed08af..f92e1cb 100644 --- a/helm/ri-zgw/charts/ac/templates/deployment.yaml +++ b/helm/ri-zgw/charts/ac/templates/deployment.yaml @@ -21,6 +21,36 @@ spec: - name: wait-for-postgres image: busybox:1.31 command: [ 'sh', '-c', 'echo -e "Checking for the availability of postgres deployment"; while ! nc -z postgres 5432; do sleep 1; printf "-"; done; echo -e " >> POSTGRES has started";' ] + - name: {{ .Values.service.name }}-db-create + image: postgres:latest + command: + - bash + - -c + - | + if psql -lqt | cut -d \| -f 1 | grep -qw "$DB_NAME"; then + echo "Database '$DB_NAME' already exists" + exit 0 + else + echo "Creating database '$DB_NAME'" + createdb $DB_NAME + fi + env: + - name: PGHOST + value: {{ .Values.global.postgres.service.host }} + - name: DB_NAME + value: {{ .Values.database.name }} + - name: PGPORT + value: {{.Values.global.postgres.service.port | quote }} + - name: PGUSER + valueFrom: + secretKeyRef: + name: {{ .Values.global.postgres.secretName }} + key: {{ .Values.global.postgres.username_key }} + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.global.postgres.secretName }} + key: {{ .Values.global.postgres.password_key }} - name: {{ .Values.service.name }}-init image: {{ .Values.service.images.imageRepo}}:{{ .Values.service.images.tag }} imagePullPolicy: {{ .Values.config.pullPolicy }} @@ -98,6 +128,8 @@ spec: ports: - containerPort: {{ .Values.service.port }} env: + - name: AC_BASE_URL + value: {{ .Values.config.baseAddress }} - name: DJANGO_SETTINGS_MODULE value: {{.Values.service.name}}.conf.docker - name: ALLOWED_HOSTS diff --git a/helm/ri-zgw/charts/ac/templates/seeder/job.yaml b/helm/ri-zgw/charts/ac/templates/seeder/job.yaml deleted file mode 100644 index 4ddd6c3..0000000 --- a/helm/ri-zgw/charts/ac/templates/seeder/job.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{ if .Values.global.config.createJobs }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ .Values.service.name }}-seeder - namespace: {{ .Values.global.namespace}} -spec: - ttlSecondsAfterFinished: 120 - template: - spec: - initContainers: - - name: wait-for-postgres - image: busybox:1.31 - command: [ 'sh', '-c', 'echo -e "Checking for the availability of postgres deployment"; while ! nc -z postgres 5432; do sleep 1; printf "-"; done; echo -e " >> POSTGRES has started";' ] - containers: - - name: seeder - image: bitnami/postgresql:latest - command: ["createdb"] - args: ["-h", "{{.Values.global.postgres.service.host }}", "-p", "{{.Values.global.postgres.service.port}}", "-U", "$(POSTGRES_USER)", {{ .Values.database.name }} ] - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: {{ .Values.global.postgres.secretName }} - key: {{ .Values.global.postgres.username_key }} - - name: PGPASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.global.postgres.secretName }} - key: {{ .Values.global.postgres.password_key }} - restartPolicy: Never - {{end}} diff --git a/helm/ri-zgw/charts/ac/values.yaml b/helm/ri-zgw/charts/ac/values.yaml index ae19e38..a5c94b7 100644 --- a/helm/ri-zgw/charts/ac/values.yaml +++ b/helm/ri-zgw/charts/ac/values.yaml @@ -1,4 +1,5 @@ config: + baseAddress: https://autorisaties-api.test.vng.cloud branch: '' env: test host: autorisaties-api.test.vng.cloud,localhost,ac,ac.zgw-test.svc.cluster.local diff --git a/helm/ri-zgw/charts/brc/templates/deployment.yaml b/helm/ri-zgw/charts/brc/templates/deployment.yaml index 3931036..94bf7dd 100644 --- a/helm/ri-zgw/charts/brc/templates/deployment.yaml +++ b/helm/ri-zgw/charts/brc/templates/deployment.yaml @@ -21,6 +21,36 @@ spec: - name: wait-for-postgres image: busybox:1.31 command: [ 'sh', '-c', 'echo -e "Checking for the availability of postgres deployment"; while ! nc -z postgres 5432; do sleep 1; printf "-"; done; echo -e " >> POSTGRES has started";' ] + - name: {{ .Values.service.name }}-db-create + image: postgres:latest + command: + - bash + - -c + - | + if psql -lqt | cut -d \| -f 1 | grep -qw "$DB_NAME"; then + echo "Database '$DB_NAME' already exists" + exit 0 + else + echo "Creating database '$DB_NAME'" + createdb $DB_NAME + fi + env: + - name: PGHOST + value: {{ .Values.global.postgres.service.host }} + - name: DB_NAME + value: {{ .Values.database.name }} + - name: PGPORT + value: {{.Values.global.postgres.service.port | quote }} + - name: PGUSER + valueFrom: + secretKeyRef: + name: {{ .Values.global.postgres.secretName }} + key: {{ .Values.global.postgres.username_key }} + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.global.postgres.secretName }} + key: {{ .Values.global.postgres.password_key }} - name: {{ .Values.service.name }}-init image: {{ .Values.service.images.imageRepo}}:{{ .Values.service.images.tag }} imagePullPolicy: {{ .Values.config.pullPolicy }} @@ -98,6 +128,12 @@ spec: ports: - containerPort: {{ .Values.service.port }} env: + - name: BRC_BASE_URL + value: {{ .Values.config.baseAddress }} + - name: NOTIFICATIONS_DISABLED + value: {{ .Values.global.config.notificationsDisabled | quote }} + - name: REDIS_CACHE + value: {{ .Values.global.redis.name }}:{{ .Values.global.redis.service.port | quote }} - name: DJANGO_SETTINGS_MODULE value: {{.Values.service.name}}.conf.docker - name: ALLOWED_HOSTS diff --git a/helm/ri-zgw/charts/brc/templates/seeder/job.yaml b/helm/ri-zgw/charts/brc/templates/seeder/job.yaml deleted file mode 100644 index 4ddd6c3..0000000 --- a/helm/ri-zgw/charts/brc/templates/seeder/job.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{ if .Values.global.config.createJobs }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ .Values.service.name }}-seeder - namespace: {{ .Values.global.namespace}} -spec: - ttlSecondsAfterFinished: 120 - template: - spec: - initContainers: - - name: wait-for-postgres - image: busybox:1.31 - command: [ 'sh', '-c', 'echo -e "Checking for the availability of postgres deployment"; while ! nc -z postgres 5432; do sleep 1; printf "-"; done; echo -e " >> POSTGRES has started";' ] - containers: - - name: seeder - image: bitnami/postgresql:latest - command: ["createdb"] - args: ["-h", "{{.Values.global.postgres.service.host }}", "-p", "{{.Values.global.postgres.service.port}}", "-U", "$(POSTGRES_USER)", {{ .Values.database.name }} ] - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: {{ .Values.global.postgres.secretName }} - key: {{ .Values.global.postgres.username_key }} - - name: PGPASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.global.postgres.secretName }} - key: {{ .Values.global.postgres.password_key }} - restartPolicy: Never - {{end}} diff --git a/helm/ri-zgw/charts/brc/values.yaml b/helm/ri-zgw/charts/brc/values.yaml index 2ad0719..15864cd 100644 --- a/helm/ri-zgw/charts/brc/values.yaml +++ b/helm/ri-zgw/charts/brc/values.yaml @@ -1,4 +1,5 @@ config: + baseAddress: https://besluiten-api.test.vng.cloud env: test host: besluiten-api.test.vng.cloud,localhost,brc,brc.zgw-test.svc.cluster.local pullPolicy: Always diff --git a/helm/ri-zgw/charts/drc/templates/deployment.yaml b/helm/ri-zgw/charts/drc/templates/deployment.yaml index 629a2f0..6494e78 100644 --- a/helm/ri-zgw/charts/drc/templates/deployment.yaml +++ b/helm/ri-zgw/charts/drc/templates/deployment.yaml @@ -21,6 +21,36 @@ spec: - name: wait-for-postgres image: busybox:1.31 command: [ 'sh', '-c', 'echo -e "Checking for the availability of postgres deployment"; while ! nc -z postgres 5432; do sleep 1; printf "-"; done; echo -e " >> POSTGRES has started";' ] + - name: {{ .Values.service.name }}-db-create + image: postgres:latest + command: + - bash + - -c + - | + if psql -lqt | cut -d \| -f 1 | grep -qw "$DB_NAME"; then + echo "Database '$DB_NAME' already exists" + exit 0 + else + echo "Creating database '$DB_NAME'" + createdb $DB_NAME + fi + env: + - name: PGHOST + value: {{ .Values.global.postgres.service.host }} + - name: DB_NAME + value: {{ .Values.database.name }} + - name: PGPORT + value: {{.Values.global.postgres.service.port | quote }} + - name: PGUSER + valueFrom: + secretKeyRef: + name: {{ .Values.global.postgres.secretName }} + key: {{ .Values.global.postgres.username_key }} + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.global.postgres.secretName }} + key: {{ .Values.global.postgres.password_key }} - name: {{ .Values.service.name }}-init image: {{ .Values.service.images.imageRepo}}:{{ .Values.service.images.tag }} imagePullPolicy: {{ .Values.config.pullPolicy }} @@ -98,10 +128,14 @@ spec: ports: - containerPort: {{ .Values.service.port }} env: + - name: DRC_BASE_URL + value: {{ .Values.config.baseAddress }} + - name: REDIS_CACHE + value: {{ .Values.global.redis.name }}:{{ .Values.global.redis.service.port | quote }} - name: DJANGO_SETTINGS_MODULE value: {{.Values.service.name}}.conf.docker - name: NOTIFICATIONS_DISABLED - value: "true" + value: {{ .Values.global.config.notificationsDisabled | quote }} - name: ALLOWED_HOSTS value: {{ .Values.config.host }} - name: DB_NAME diff --git a/helm/ri-zgw/charts/drc/templates/seeder/job.yaml b/helm/ri-zgw/charts/drc/templates/seeder/job.yaml deleted file mode 100644 index 4ddd6c3..0000000 --- a/helm/ri-zgw/charts/drc/templates/seeder/job.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{ if .Values.global.config.createJobs }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ .Values.service.name }}-seeder - namespace: {{ .Values.global.namespace}} -spec: - ttlSecondsAfterFinished: 120 - template: - spec: - initContainers: - - name: wait-for-postgres - image: busybox:1.31 - command: [ 'sh', '-c', 'echo -e "Checking for the availability of postgres deployment"; while ! nc -z postgres 5432; do sleep 1; printf "-"; done; echo -e " >> POSTGRES has started";' ] - containers: - - name: seeder - image: bitnami/postgresql:latest - command: ["createdb"] - args: ["-h", "{{.Values.global.postgres.service.host }}", "-p", "{{.Values.global.postgres.service.port}}", "-U", "$(POSTGRES_USER)", {{ .Values.database.name }} ] - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: {{ .Values.global.postgres.secretName }} - key: {{ .Values.global.postgres.username_key }} - - name: PGPASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.global.postgres.secretName }} - key: {{ .Values.global.postgres.password_key }} - restartPolicy: Never - {{end}} diff --git a/helm/ri-zgw/charts/drc/values.yaml b/helm/ri-zgw/charts/drc/values.yaml index b5e8b96..a82ad1a 100644 --- a/helm/ri-zgw/charts/drc/values.yaml +++ b/helm/ri-zgw/charts/drc/values.yaml @@ -1,4 +1,5 @@ config: + baseAddress: https://documenten-api.test.vng.cloud env: test host: documenten-api.test.vng.cloud,localhost,drc,drc.zgw-test.svc.cluster.local pullPolicy: Always diff --git a/helm/ri-zgw/charts/nrc/templates/deployment.yaml b/helm/ri-zgw/charts/nrc/templates/deployment.yaml index ec8914a..1f9e9ae 100644 --- a/helm/ri-zgw/charts/nrc/templates/deployment.yaml +++ b/helm/ri-zgw/charts/nrc/templates/deployment.yaml @@ -21,6 +21,36 @@ spec: - name: wait-for-postgres image: busybox:1.31 command: [ 'sh', '-c', 'echo -e "Checking for the availability of postgres deployment"; while ! nc -z postgres 5432; do sleep 1; printf "-"; done; echo -e " >> POSTGRES has started";' ] + - name: {{ .Values.service.name }}-db-create + image: postgres:latest + command: + - bash + - -c + - | + if psql -lqt | cut -d \| -f 1 | grep -qw "$DB_NAME"; then + echo "Database '$DB_NAME' already exists" + exit 0 + else + echo "Creating database '$DB_NAME'" + createdb $DB_NAME + fi + env: + - name: PGHOST + value: {{ .Values.global.postgres.service.host }} + - name: DB_NAME + value: {{ .Values.database.name }} + - name: PGPORT + value: {{.Values.global.postgres.service.port | quote }} + - name: PGUSER + valueFrom: + secretKeyRef: + name: {{ .Values.global.postgres.secretName }} + key: {{ .Values.global.postgres.username_key }} + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.global.postgres.secretName }} + key: {{ .Values.global.postgres.password_key }} - name: {{ .Values.service.name }}-init image: {{ .Values.service.images.imageRepo}}:{{ .Values.service.images.tag }} imagePullPolicy: {{ .Values.config.pullPolicy }} @@ -98,6 +128,8 @@ spec: ports: - containerPort: {{ .Values.service.port }} env: + - name: NRC_BASE_URL + value: {{ .Values.config.baseAddress }} - name: DJANGO_SETTINGS_MODULE value: {{.Values.service.name}}.conf.docker - name: ALLOWED_HOSTS diff --git a/helm/ri-zgw/charts/nrc/templates/seeder/job.yaml b/helm/ri-zgw/charts/nrc/templates/seeder/job.yaml deleted file mode 100644 index 4ddd6c3..0000000 --- a/helm/ri-zgw/charts/nrc/templates/seeder/job.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{ if .Values.global.config.createJobs }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ .Values.service.name }}-seeder - namespace: {{ .Values.global.namespace}} -spec: - ttlSecondsAfterFinished: 120 - template: - spec: - initContainers: - - name: wait-for-postgres - image: busybox:1.31 - command: [ 'sh', '-c', 'echo -e "Checking for the availability of postgres deployment"; while ! nc -z postgres 5432; do sleep 1; printf "-"; done; echo -e " >> POSTGRES has started";' ] - containers: - - name: seeder - image: bitnami/postgresql:latest - command: ["createdb"] - args: ["-h", "{{.Values.global.postgres.service.host }}", "-p", "{{.Values.global.postgres.service.port}}", "-U", "$(POSTGRES_USER)", {{ .Values.database.name }} ] - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: {{ .Values.global.postgres.secretName }} - key: {{ .Values.global.postgres.username_key }} - - name: PGPASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.global.postgres.secretName }} - key: {{ .Values.global.postgres.password_key }} - restartPolicy: Never - {{end}} diff --git a/helm/ri-zgw/charts/nrc/values.yaml b/helm/ri-zgw/charts/nrc/values.yaml index 557424e..83e4373 100644 --- a/helm/ri-zgw/charts/nrc/values.yaml +++ b/helm/ri-zgw/charts/nrc/values.yaml @@ -1,4 +1,5 @@ config: + baseAddress: https://notificaties-api.test.vng.cloud env: test host: notificaties-api.test.vng.cloud,localhost,nrc,nrc.zgw-test.svc.cluster.local pullPolicy: Always diff --git a/helm/ri-zgw/charts/vrl/values.yaml b/helm/ri-zgw/charts/vrl/values.yaml index 8ffefe7..fb58147 100644 --- a/helm/ri-zgw/charts/vrl/values.yaml +++ b/helm/ri-zgw/charts/vrl/values.yaml @@ -1,5 +1,4 @@ config: - host: referentielijsten-api.test.vng.cloud,localhost,vrl,vrl.zgw-test.svc.cluster.local ingressHost: k8s-vrl-local.test pullPolicy: Always replicas: diff --git a/helm/ri-zgw/charts/zrc/templates/deployment.yaml b/helm/ri-zgw/charts/zrc/templates/deployment.yaml index 9533d2e..60c99ae 100644 --- a/helm/ri-zgw/charts/zrc/templates/deployment.yaml +++ b/helm/ri-zgw/charts/zrc/templates/deployment.yaml @@ -21,6 +21,36 @@ spec: - name: wait-for-postgres image: busybox:1.31 command: [ 'sh', '-c', 'echo -e "Checking for the availability of postgres deployment"; while ! nc -z postgres 5432; do sleep 1; printf "-"; done; echo -e " >> POSTGRES has started";' ] + - name: {{ .Values.service.name }}-db-create + image: postgres:latest + command: + - bash + - -c + - | + if psql -lqt | cut -d \| -f 1 | grep -qw "$DB_NAME"; then + echo "Database '$DB_NAME' already exists" + exit 0 + else + echo "Creating database '$DB_NAME'" + createdb $DB_NAME + fi + env: + - name: PGHOST + value: {{ .Values.global.postgres.service.host }} + - name: DB_NAME + value: {{ .Values.database.name }} + - name: PGPORT + value: {{.Values.global.postgres.service.port | quote }} + - name: PGUSER + valueFrom: + secretKeyRef: + name: {{ .Values.global.postgres.secretName }} + key: {{ .Values.global.postgres.username_key }} + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.global.postgres.secretName }} + key: {{ .Values.global.postgres.password_key }} - name: {{ .Values.service.name }}-init image: {{ .Values.service.images.imageRepo}}:{{ .Values.service.images.tag }} imagePullPolicy: {{ .Values.config.pullPolicy }} @@ -98,6 +128,10 @@ spec: ports: - containerPort: {{ .Values.service.port }} env: + - name: ZRC_BASE_URL + value: {{ .Values.config.baseAddress }} + - name: CACHE_DEFAULT + value: {{ .Values.global.redis.name }}:{{ .Values.global.redis.service.port | quote }} - name: DJANGO_SETTINGS_MODULE value: {{.Values.service.name}}.conf.docker - name: ALLOWED_HOSTS @@ -107,7 +141,7 @@ spec: - name: DB_HOST value: {{ .Values.global.postgres.name }} - name: NOTIFICATIONS_DISABLED - value: "true" + value: {{ .Values.global.config.notificationsDisabled | quote }} - name: DB_USER valueFrom: secretKeyRef: diff --git a/helm/ri-zgw/charts/zrc/templates/seeder/job.yaml b/helm/ri-zgw/charts/zrc/templates/seeder/job.yaml deleted file mode 100644 index 4ddd6c3..0000000 --- a/helm/ri-zgw/charts/zrc/templates/seeder/job.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{ if .Values.global.config.createJobs }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ .Values.service.name }}-seeder - namespace: {{ .Values.global.namespace}} -spec: - ttlSecondsAfterFinished: 120 - template: - spec: - initContainers: - - name: wait-for-postgres - image: busybox:1.31 - command: [ 'sh', '-c', 'echo -e "Checking for the availability of postgres deployment"; while ! nc -z postgres 5432; do sleep 1; printf "-"; done; echo -e " >> POSTGRES has started";' ] - containers: - - name: seeder - image: bitnami/postgresql:latest - command: ["createdb"] - args: ["-h", "{{.Values.global.postgres.service.host }}", "-p", "{{.Values.global.postgres.service.port}}", "-U", "$(POSTGRES_USER)", {{ .Values.database.name }} ] - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: {{ .Values.global.postgres.secretName }} - key: {{ .Values.global.postgres.username_key }} - - name: PGPASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.global.postgres.secretName }} - key: {{ .Values.global.postgres.password_key }} - restartPolicy: Never - {{end}} diff --git a/helm/ri-zgw/charts/zrc/values.yaml b/helm/ri-zgw/charts/zrc/values.yaml index 192c38c..b57797a 100644 --- a/helm/ri-zgw/charts/zrc/values.yaml +++ b/helm/ri-zgw/charts/zrc/values.yaml @@ -1,4 +1,5 @@ config: + baseAddress: https://zaken-api.test.vng.cloud env: test host: zaken-api.test.vng.cloud,localhost,zrc,zrc.zgw-test.svc.cluster.local pullPolicy: Always diff --git a/helm/ri-zgw/charts/ztc/templates/deployment.yaml b/helm/ri-zgw/charts/ztc/templates/deployment.yaml index 71d8ff2..cfac9b6 100644 --- a/helm/ri-zgw/charts/ztc/templates/deployment.yaml +++ b/helm/ri-zgw/charts/ztc/templates/deployment.yaml @@ -21,6 +21,36 @@ spec: - name: wait-for-postgres image: busybox:1.31 command: [ 'sh', '-c', 'echo -e "Checking for the availability of postgres deployment"; while ! nc -z postgres 5432; do sleep 1; printf "-"; done; echo -e " >> POSTGRES has started";' ] + - name: {{ .Values.service.name }}-db-create + image: postgres:latest + command: + - bash + - -c + - | + if psql -lqt | cut -d \| -f 1 | grep -qw "$DB_NAME"; then + echo "Database '$DB_NAME' already exists" + exit 0 + else + echo "Creating database '$DB_NAME'" + createdb $DB_NAME + fi + env: + - name: PGHOST + value: {{ .Values.global.postgres.service.host }} + - name: DB_NAME + value: {{ .Values.database.name }} + - name: PGPORT + value: {{.Values.global.postgres.service.port | quote }} + - name: PGUSER + valueFrom: + secretKeyRef: + name: {{ .Values.global.postgres.secretName }} + key: {{ .Values.global.postgres.username_key }} + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.global.postgres.secretName }} + key: {{ .Values.global.postgres.password_key }} - name: {{ .Values.service.name }}-init image: {{ .Values.service.images.imageRepo}}:{{ .Values.service.images.tag }} imagePullPolicy: {{ .Values.config.pullPolicy }} @@ -98,6 +128,8 @@ spec: ports: - containerPort: {{ .Values.service.port }} env: + - name: ZTC_BASE_URL + value: {{ .Values.config.baseAddress }} - name: DJANGO_SETTINGS_MODULE value: {{.Values.service.name}}.conf.docker - name: ALLOWED_HOSTS @@ -117,7 +149,7 @@ spec: name: {{ .Values.global.postgres.secretName }} key: {{ .Values.global.postgres.password_key }} - name: NOTIFICATIONS_DISABLED - value: "true" + value: {{ .Values.global.config.notificationsDisabled | quote }} - name: {{ .Values.secret.key }} valueFrom: secretKeyRef: diff --git a/helm/ri-zgw/charts/ztc/templates/seeder/job.yaml b/helm/ri-zgw/charts/ztc/templates/seeder/job.yaml deleted file mode 100644 index 4ddd6c3..0000000 --- a/helm/ri-zgw/charts/ztc/templates/seeder/job.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{ if .Values.global.config.createJobs }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ .Values.service.name }}-seeder - namespace: {{ .Values.global.namespace}} -spec: - ttlSecondsAfterFinished: 120 - template: - spec: - initContainers: - - name: wait-for-postgres - image: busybox:1.31 - command: [ 'sh', '-c', 'echo -e "Checking for the availability of postgres deployment"; while ! nc -z postgres 5432; do sleep 1; printf "-"; done; echo -e " >> POSTGRES has started";' ] - containers: - - name: seeder - image: bitnami/postgresql:latest - command: ["createdb"] - args: ["-h", "{{.Values.global.postgres.service.host }}", "-p", "{{.Values.global.postgres.service.port}}", "-U", "$(POSTGRES_USER)", {{ .Values.database.name }} ] - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: {{ .Values.global.postgres.secretName }} - key: {{ .Values.global.postgres.username_key }} - - name: PGPASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.global.postgres.secretName }} - key: {{ .Values.global.postgres.password_key }} - restartPolicy: Never - {{end}} diff --git a/helm/ri-zgw/charts/ztc/values.yaml b/helm/ri-zgw/charts/ztc/values.yaml index 4f2f795..11bee57 100644 --- a/helm/ri-zgw/charts/ztc/values.yaml +++ b/helm/ri-zgw/charts/ztc/values.yaml @@ -1,4 +1,5 @@ config: + baseAddress: https://catalogi-api.test.vng.cloud env: test host: catalogi-api.test.vng.cloud,localhost,ztc,ztc.zgw-test.svc.cluster.local pullPolicy: Always diff --git a/helm/ri-zgw/values.yaml b/helm/ri-zgw/values.yaml index f557eae..8764507 100644 --- a/helm/ri-zgw/values.yaml +++ b/helm/ri-zgw/values.yaml @@ -5,18 +5,18 @@ global: config: certManager: true createCronJobs: false - createJobs: true createSecret: false enableTLS: true environment: test kube: 1.23.8 nginx: false + notificationsDisabled: true pullPolicy: Always name: ri namespace: zgw-test postgres: name: postgres - password: fPJUdnNgSmKwfzE5ah0EexpG + password: NHXANoh3urGhNe939URUcRjt password_key: password secretName: postgres service: @@ -25,7 +25,7 @@ global: username: postgres username_key: username rabbitmq: - default_password: ScW77ghcaWDtCHweZ8IzvhRI + default_password: l9jhDPEiP0zkmFoXolDDSKrU default_user: nrc_root name: rabbitmq port: 5672 @@ -37,23 +37,23 @@ global: service: port: 6379 secret_keys: - ac: (gd^uf)rp0dd#b96-dv_!$qmu!$c0b(2i1mq%uuwox_r_g*io3 - brc: pcw-5rqt0v#sw_@8m1(!b)mbgz62+&^kgw3%vr5m15g8bo@)h$ - drc: fcdp-o4mmnkcq04^#9^mz(w4yqy9ykvgf7f$c6i3=*k1)mh!7* - nrc: nry%oi^#wcdjc78y80!kv#f&p=oxy^pdhgn=76+&)qm$1!)a79 - zrc: 9qf@-6@lgm(-g&jyb)h_xqzi-v#)=s&+&xgw6n%bg%bva)%28m - ztc: jl5zy1e$bg_q_xg7j1nm%20$*6)pj486t_t!#9cus$rn_mm4_n + ac: 49epb-72e-mt+965&ecwt0#r*6wii4wx$3vw61!a%)&tozytgb + brc: t%r1cwfgz3bv12kz)#r3^6t!j24@)-76_f26^fe%oyat&h510m + drc: =(ms!jq=*5#euwv7xaq99guo))f1gy0dy^88)teug+mt*&=t-6 + nrc: 0m$t8_@%hjs*_oqp*leixhd@#skmru91vdhou#u2_4$=hbz@v6 + zrc: m#duu=ww9%cl-y+(oxa6n9ir0_ve#cqtqbaydendyqp9ez3-5c + ztc: _83%!2g9si(5sc!z7-9zjlc(6*sh0*+%7y@zu*u-5k9c!x$9zy tokenIssuer: identifier: token-issuer-seeded identifierKey: identifierTokens - secret: XkNH8mAVtFgyd4fHxCBxVCdn + secret: BAgCYETAJghqgtCUdebXOISB secretKey: secretTokens secretName: token-seeder tokenSeeder: imagePullPolicy: Never imageRepo: ghcr.io/vng-realisatie/token-seeder pullPolicy: Always - secret: 1wmQ6OuZ9PUV3EFLiBN3FuvA + secret: AuGOMHMjWoVUfNOvJcx3ETN7 secretKey: internalToken tag: 0.1.1 ingress: diff --git a/k8s/postgres.yaml b/k8s/postgres.yaml new file mode 100644 index 0000000..bc8f924 --- /dev/null +++ b/k8s/postgres.yaml @@ -0,0 +1,37 @@ +apiVersion: v1 +kind: Pod +metadata: + name: deployment-seeder +spec: + containers: + - name: seeder + image: postgres:latest + command: + - bash + - -c + - | + if psql -lqt | cut -d \| -f 1 | grep -qw "$DBNAME"; then + echo "Database '$DBNAME' already exists" + exit 0 + else + echo "Creating database '$DBNAME'" + createdb $DBNAME + fi + env: + - name: PGHOST + value: postgres + - name: DBNAME + value: lsiidjf54tg + - name: PGPORT + value: "5432" # Adjust the port if necessary + - name: PGUSER + valueFrom: + secretKeyRef: + name: postgres + key: username + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: postgres + key: password + restartPolicy: Never diff --git a/parser/env.yaml b/parser/env.yaml index 41bf98d..f034638 100644 --- a/parser/env.yaml +++ b/parser/env.yaml @@ -123,7 +123,6 @@ local: production: global: createSecret: false - createJobs: false createCronJobs: false enableTLS: true nginx: false @@ -133,7 +132,6 @@ production: test: global: createSecret: false - createJobs: true createCronJobs: false enableTLS: true nginx: false diff --git a/parser/parser.py b/parser/parser.py index 2eedce8..0d53e37 100644 --- a/parser/parser.py +++ b/parser/parser.py @@ -198,8 +198,16 @@ def set_versions(env, cwd, helm_path, version): f"{service_name}.{namespace}.svc.cluster.local" ) host = f"{ingress_entry},localhost,{service_name},{internal_service_address}" - values["config"]["host"] = host + if service_name != "vrl": + values["config"]["host"] = host values["config"]["pullPolicy"] = "Never" + protocol = "http://" + if service_name != "vrl" and service_name != "token-issuer": + if env == "test" or env == "production": + protocol = "https://" + values["config"]["baseAddress"] = f"{protocol}{ingress_entry}" + else: + values["config"]["baseAddress"] = f"{protocol}{internal_service_address}" try: if values["config"]["env"]: values["config"]["env"] = env